{"id":18978255,"url":"https://github.com/autodesk/go-awsecs","last_synced_at":"2025-04-19T17:36:43.450Z","repository":{"id":48208624,"uuid":"145189739","full_name":"Autodesk/go-awsecs","owner":"Autodesk","description":"Library and tools for AWS ECS operations","archived":false,"fork":false,"pushed_at":"2023-01-05T21:51:52.000Z","size":107,"stargazers_count":22,"open_issues_count":5,"forks_count":4,"subscribers_count":5,"default_branch":"master","last_synced_at":"2025-03-29T10:51:20.983Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"https://github.com/Autodesk/go-awsecs","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Autodesk.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null}},"created_at":"2018-08-18T04:26:22.000Z","updated_at":"2025-01-15T11:50:35.000Z","dependencies_parsed_at":"2023-02-04T18:15:44.594Z","dependency_job_id":null,"html_url":"https://github.com/Autodesk/go-awsecs","commit_stats":null,"previous_names":["andresvia/go-awsecs"],"tags_count":6,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Autodesk%2Fgo-awsecs","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Autodesk%2Fgo-awsecs/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Autodesk%2Fgo-awsecs/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Autodesk%2Fgo-awsecs/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Autodesk","download_url":"https://codeload.github.com/Autodesk/go-awsecs/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":249235081,"owners_count":21235145,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-08T15:32:48.781Z","updated_at":"2025-04-16T11:31:40.842Z","avatar_url":"https://github.com/Autodesk.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# go-awsecs\n\n[![godoc reference](http://img.shields.io/badge/godoc-reference-blue.svg)](https://pkg.go.dev/github.com/Autodesk/go-awsecs)\n\n[![travis ci](https://api.travis-ci.org/Autodesk/go-awsecs.svg?branch=master)](https://travis-ci.org/Autodesk/go-awsecs)\n\n[![coverage status](https://coveralls.io/repos/github/Autodesk/go-awsecs/badge.svg?branch=master)](https://coveralls.io/github/Autodesk/go-awsecs?branch=master)\n\nLibrary and tools for AWS ECS operations.\n\n# contributing\n\nSee [CONTRIBUTING.md](CONTRIBUTING.md).\n\n# tools\n\n## update-aws-ecs-service\n\nReliably update a single ECS service with a single simple discrete command.\n\n![flowchart](update-aws-ecs-service.png)\n\nIs a deployment tool inspired by\n[AWS CodePipeline image definitions file method for updating existing ECS services](https://docs.aws.amazon.com/codepipeline/latest/userguide/pipelines-create.html#pipelines-create-image-definitions).\nThis tool is first and foremost an acknowledgment that orchestrating application deployments is a **hard problem** and\ndoes not attempt to solve that, instead, it tries to do something similar to AWS CodePipeline in a standalone fashion\nwithout depending on AWS CodePipeline, and more importantly without having to create individual AWS CodePipeline\npipelines.\n\nGet:\n\nGrab binary distribution from [releases tab](https://github.com/Autodesk/go-awsecs/releases). Or.\n\n```\ngo get -v -u github.com/Autodesk/go-awsecs/cmd/update-aws-ecs-service\n```\n\nUse\u003csup\u003e1\u003c/sup\u003e:\n\n```\nupdate-aws-ecs-service --help\nUsage of ./update-aws-ecs-service:\n  -cluster string\n    \tcluster name\n  -container-envvar value\n    \tcontainer-name=envvar-name=envvar-value\n  -container-image value\n    \tcontainer-name=image\n  -container-logopt value\n    \tcontainer-name=logdriver=logopt=value\n  -container-logsecret value\n    \tcontainer-name=logdriver=logsecret=valuefrom\n  -container-secret value\n    \tcontainer-name=secret-name=secret-valuefrom\n  -desired-count int\n    \tdesired-count (negative: no change) (default -1)\n  -profile string\n    \tprofile name\n  -region string\n    \tregion name\n  -service string\n    \tservice name\n  -task-role string\n    \ttask iam role, set to \"None\" to clear\n  -taskdef string\n    \tbase task definition (instead of current)\n```\n\nExample.\n\nFirst, build and push a new Docker image for your service somewhere else.\n\n```\ndocker build -t myrepo/myimg:newtag .\ndocker push myrepo/myimg:newtag\n```\n\nThen, alter the existing container image only, like AWS CodePipeline does.\n\n```\nupdate-aws-ecs-service \\\n  -cluster mycluster \\\n  -service myservice \\\n  -container-image mycontainer=myrepo/myimg:newtag\n# default timeout for the operation is 15 minutes\n```\n\nYou may also alter more than one container at the same time.\n\n```\nupdate-aws-ecs-service \\\n  -cluster mycluster \\\n  -service myservice \\\n  -container-image mycontainer1=myrepo/myimg1:newtag \\\n  -container-image mycontainer2=myrepo/myimg2:newtag\n```\n\nAlternatively, you can also alter environment variables and service desired count.\n\n```\nupdate-aws-ecs-service \\\n  -cluster mycluster \\\n  -service myservice \\\n  -container-image mycontainer=myrepo/myimg:newtag \\\n  -container-envvar mycontainer=envvarname=envvarvalue \\\n  -desired-count 1\n```\n\n💡 Use the empty value on `-container-envvar` or `-container-secret` to unset (K.O.) the environment variable or\nsecret. Example.\n\n```\nupdate-aws-ecs-service \\\n  -cluster mycluster \\\n  -service myservice \\\n  -container-envvar mycontainer=myenvvarname= \\\n  -container-secret mycontainer=mysecretname= \\\n```\n\n💡 Combined updates are possible. For example: \"Update the application container image and adjust the `awslogs` log driver options for the sidecar container.\"\n\n```\nupdate-aws-ecs-service \\\n  -cluster example \\\n  -service service1-application1 \\\n  -container-image application=example.com/service1/application1:1a2b3c4 \\\n  -container-logopt sidecar=awslogs=awslogs-group=/com/example/service1/application1 \\\n  -container-logopt sidecar=awslogs=awslogs-stream-prefix=sidecar-1a2b3c4\n```\n\n### update-aws-ecs-service compared to AWS CodePipeline\n\n - With `update-aws-ecs-service` there is no need to create individual AWS CodePipeline pipelines per service\n - `update-aws-ecs-service` allow updates of container definitions \"Environment\" and\n   \"[Secrets](https://aws.amazon.com/about-aws/whats-new/2018/11/aws-launches-secrets-support-for-amazon-elastic-container-servic/)\"\n\n### update-aws-ecs-service compared to AWS CLI\n\nAlthough similar results can be achieved glueing multiple `awscli` commands, a single `update-aws-ecs-service` is\ndifferent.\n\n - `aws ecs update-service` only invokes `UpdateService` which is an async call\n - `aws ecs wait services-stable` is not linked to the ECS Deployment Entity\u003csup\u003e2\u003c/sup\u003e returned by `UpdateService`\n - `update-aws-ecs-service` provides automatic rollback\n\n### update-aws-ecs-service compared to Terraform\n\nIt is a [known issue](https://github.com/terraform-providers/terraform-provider-aws/issues/3107) that Terraform, does\nnot wait for an ECS Service to be updated, a decision made probably by design by Hashicorp.\n\nHowever, `update-aws-ecs-service` can be used in conjunction with Terraform, just keep in mind that when\n**provisioning** a service, start with an \"initial task definition\", and configure the lifecycle of the\n`task_definition` attribute to `ignore_changes`.\n\n```\nresource \"aws_ecs_service\" \"my_service\" {\n  task_definition = \"my_initial_task_def\"\n  // ...\n\n  lifecycle {\n    ignore_changes = [\"task_definition\" /* ... */]\n  }\n}\n```\n\nThat way Terraform will be maintained as the \"provisioning tool\" and `update-aws-ecs-service` as the \"deployment tool\".\n\n### update-aws-ecs-service compared to Terraform+scripts\n\n - Why not just do `aws ecs wait services-stable` commands after the `terraform apply` command\n\n   Caveat 1: `wait` evaluates service stability but not that the desired deployment is applied the service may have become\n   stable because it was rolled back or rolled forward somewhere else, there is no certainty that \"our\" deployment was\n   the one that rendered the service stable\n   \n   Caveat 2: `wait` does not handle service deployment rollback\n\n - Why not just do `curl|httpie` commands after the `terraform apply` command until a desired result is obtained\n   probably after a number of times, for example by looking at an endpoint that returns the \"deployed version\" like:\n   http://myservice.example.com/api/version returns `{\"version\": \"v2.0.0\"}`\n\n   Caveat 1: This works only for services which are public (internet reachable) or reachable from the same location\n   where `curl|httpie` is executed, this is not always the case, some services are internal or not reachable from every\n   location\n   \n   Caveat 2: Works only for HTTP services that provide a \"version\" endpoint\n\n### update-aws-ecs-service compared to AWS CodeDeploy\n\nTBC\u003csup\u003e3\u003c/sup\u003e.\n\n### update-aws-ecs-service compared to amazon-ecs-cli\n\nTBC.\n\n### update-aws-ecs-service compared to ecs-deploy\n\nThe [ecs-deploy](https://github.com/silinternational/ecs-deploy) script\n[doesn't recognize multi-container tasks](https://github.com/silinternational/ecs-deploy/issues/132).\n\n### update-aws-ecs-service compared to ecs-goploy\n\n[ecs-goploy](https://github.com/h3poteto/ecs-goploy) as a re-implementation of ecs-deploy shares the same caveats.\n\n### update-aws-ecs-service compared to Autodesk CloudOS\n\n`update-aws-ecs-service` is not a framework, is just a tool to update existing AWS ECS services. You just need to know\nhow to build Docker images.\n\n### update-aws-ecs-service compared to X\n\nTBC.\n\n## enforce-aws-ecs-asg-launchconfig\n\n\n![flowchart](enforce-aws-ecs-asg-launchconfig.png)\n\nThis tool is useful to ensure that all EC2 instances in a ECS cluster backed up by a ASG share the launch configuration\ndefined in the ASG. This tool does not work with launch templates! ECS EC2 Container Instances will be drained. EC2\nInstances will be terminated (after they have been drained).\n\n**Important**: Depending of your cluster service(s) deployment configuration, services **will experiment downtime**.\nFor example use a service deployment configuration like, \"Minimum healthy percent\": `100` and \"Maximum percent\": `200`\nto prevent downtime `enforce-aws-ecs-asg-launchconfig` does not do anything special to prevent downtime it depends\nentirely of your cluster service(s) specific configuration(s).\n\nGet:\n\nGrab binary distribution from [releases tab](https://github.com/Autodesk/go-awsecs/releases). Or.\n\n```\ngo get -v -u github.com/Autodesk/go-awsecs/cmd/enforce-aws-ecs-asg-launchconfig\n```\n\nUse:\n\n```\nenforce-aws-ecs-asg-launchconfig --help\nUsage of enforce-aws-ecs-asg-launchconfig:\n  -asg string\n    \tasg name\n  -cluster string\n    \tcluster name\n  -profile string\n    \tprofile name\n  -region string\n    \tregion name\n```\n\nExample:\n\n```\nenforce-aws-ecs-asg-launchconfig \\\n  -asg myasgname \\\n  -cluster myclustername\n# default timeout for the operation is 15 minutes\n```\n\n----\n\n1. https://unix.stackexchange.com/a/111557/19393\n2. https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_Deployment.html\n3. To Be Compared\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fautodesk%2Fgo-awsecs","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fautodesk%2Fgo-awsecs","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fautodesk%2Fgo-awsecs/lists"}